IBM Security Systems

AMPLIFYING SECURITY INTELLIGENCE WITH BIG DATA AND ADVANCED ANALYTICS

Vijay Dheap

Global Product Manager, Master Inventor
Big Data Security Intelligence & Mobile Security
vdheap@us.ibm.com

© 2012 IBM Corporation


Welcome to a Not So Friendly Cyber World…

Biggest Bank Heist in History Nets $45 Million
All without setting foot in a Bank…

CYBER ESPIONAGE VIA SOCIAL NETWORKING SITES
TARGET: US DOD OFFICIALS

Hidden Malware Steals 3000 Confidential Documents – Japanese Ministry


Playing Defense…
Traditional Approach to Security Predicated on a Defensive Mindset
• Assumes explicit organizational perimeter
• Optimized for combating external threats
• Presumes standardization mitigates risk
• Dependent on general awareness of attack methodologies
• Requires monitoring and control of traffic flows

Origins of Security Intelligence

Layered Defenses Essential for Good Security Hygiene and Addressing Traditional Security Threats…but attackers adapting too


Business Change is Coming…If Not Already Here
Enterprises are Undergoing Dynamic Transformations

The Organization’s Cyber Perimeter is Being Blurred…It can no longer be assumed

Evolving Attack Tactics…Focus on Breaching Defenses


A Look at the Emerging Threat Landscape

Targeted, Persistent, Clandestine

Concealed, Motivated, Opportunistic

Situational, Subversive, Unsanctioned


Topical, Disruptive, Public

Focused, Well-Funded, Scalable


Questions CISOs Want to Be Able to Answer…


Incorporating a More Proactive Mindset to Enterprise Security

Audit, Patch & Block
Think like a defender, defense-in-depth mindset
• Protect all assets
• Emphasize the perimeter
• Patch systems
• Use signature-based detection
• Scan endpoints for malware
• Read the latest news
• Collect logs
• Conduct manual interviews
• Shut down systems
Broad

Detect, Analyze & Remediate
Think like an attacker, counter intelligence mindset
• Protect high value assets
• Emphasize the data
• Harden targets and weakest links
• Use anomaly-based detection
• Baseline system behavior
• Consume threat feeds
• Collect everything
• Automate correlation and analytics
• Gather and preserve evidence
Targeted

Greater Need for Security Intelligence…

• Visibility across organizational security systems
• Improved response times
• Adaptability/flexibility required for early detection of threats and risky behaviors

[Diagram components: Log Manager; SIEM; Network Activity Monitor; Risk Manager; Vulnerability Manager]

Evolution of Security Intelligence

[Diagram labels: Log Management; Network Flow; Asset Discovery; Users/Identities; Shared Intel; Full Packet Capture; …other relevant data]

• Initial Visibility
• Facilitates Compliance
• Attackers adapt not to leave a trace

• Network Does Not Lie
• Greater Coverage across organization
• Attackers adapt to hide in the noise

SIEM
• Filters out the noise, improves incident and offense identification
• Proactive to detect targeted and zero-day attacks
• Needs scalability to add more data sources and extensibility to support additional security analytics

Security Intelligence

Amplifying Security Intelligence with Big Data Analytics
The Triggers That Motivate Big Data Analytics for Security Intelligence:


Extending the IQ of a Security Intelligence Solution to Big Data
Need to derive security relevant semantics from syntactic elements contained in raw data.

Distilling

Analytical functions, tools and workflows that can be employed to deliver insights

Availability of codified human know-how and understanding to enable machine processing and progressively automate manual processes

Confidential – for division executives only
IBM Security Strategy

Use Cases


© 2011 IBM Corporation

Security Intelligence From Real-time Processing of Big Data
• Behavior monitoring and flow analytics
• Activity and data access monitoring
• Stealthy malware detection

Network Traffic Doesn’t Lie
Attackers can stop logging and erase their tracks, but can’t cut off the network (flow data)

Improved Breach Detection
360-degree visibility helps distinguish true breaches from benign activity, in real-time

Irrefutable Botnet Communication
Layer 7 flow data shows botnet command and control instructions

Security Intelligence Amplified by Advanced Analytics
Hunting for External Command & Control (C&C) Domains of an Attacker
• Historical analysis of DNS activity within organization
• Automate correlation against external DNS registries
• Advanced analytics identify suspicious domains

Why only a few hits across the entire organization to these domains?
Correlating to public DNS registry information increases suspicions
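
The hunt described above, as an added example that is not part of the original slides or of any IBM product: it counts distinct clients per domain over historical DNS logs, then raises the score of rarely queried domains using registration data. The log records, the `REGISTRY` dictionary (a stand-in for registry/WHOIS lookups), the thresholds and the scoring weights are all constructed assumptions.

```python
from collections import defaultdict
from datetime import date

# Constructed sample: (day, client_ip, queried_name) from historical DNS logs.
DNS_LOG = [
    (date(2012, 11, 1), "10.0.0.1", "www.portal.example"),
    (date(2012, 11, 1), "10.0.0.2", "www.portal.example"),
    (date(2012, 11, 1), "10.0.0.3", "mail.portal.example"),
    (date(2012, 11, 2), "10.0.0.4", "www.portal.example"),
    (date(2012, 11, 1), "10.0.0.3", "a1.update-check.example"),
    (date(2012, 11, 2), "10.0.0.3", "b7.update-check.example"),
    (date(2012, 11, 3), "10.0.0.3", "c2.update-check.example"),
    (date(2012, 11, 4), "10.0.0.3", "a1.update-check.example"),
    (date(2012, 11, 2), "10.0.0.2", "oldblog.example"),
    (date(2012, 11, 3), "10.0.0.4", "nx-lookup.example"),
]

# Constructed stand-in for registry lookups: domain -> registration date.
REGISTRY = {
    "portal.example": date(2001, 5, 14),
    "update-check.example": date(2012, 10, 25),
    "oldblog.example": date(2005, 3, 2),
}

TODAY = date(2012, 11, 5)  # constructed "analysis day"


def registered_domain(qname):
    """Collapse a query name to its last two labels.

    Simplification: production code should use the Public Suffix List so
    that names under multi-label suffixes are grouped correctly.
    """
    labels = qname.rstrip(".").lower().split(".")
    return ".".join(labels[-2:])


def hunt_rare_domains(dns_log, registry, today, max_clients=2, max_age_days=30):
    """Return rarely queried domains, most suspicious first."""
    clients = defaultdict(set)   # domain -> clients that asked for it
    days = defaultdict(set)      # domain -> days on which it was asked for
    for day, client, qname in dns_log:
        dom = registered_domain(qname)
        clients[dom].add(client)
        days[dom].add(day)
    population = len({client for _, client, _ in dns_log})

    findings = []
    for dom, seen in clients.items():
        if len(seen) > max_clients:
            continue  # widely used across the organization: not "a few hits"
        score = 1
        reasons = [f"{len(seen)} of {population} clients"]
        created = registry.get(dom)
        if created is None:
            score += 1
            reasons.append("no registry record")
        elif (today - created).days <= max_age_days:
            score += 2
            reasons.append(f"registered {(today - created).days} days ago")
        if len(days[dom]) >= 3:
            score += 1  # the same few hosts keep coming back
            reasons.append(f"queried on {len(days[dom])} days")
        findings.append({"domain": dom, "score": score,
                         "clients": sorted(seen), "reasons": reasons})
    findings.sort(key=lambda f: (-f["score"], f["domain"]))
    return findings


if __name__ == "__main__":
    for f in hunt_rare_domains(DNS_LOG, REGISTRY, TODAY):
        print(f["score"], f["domain"], f["clients"], "; ".join(f["reasons"]))
```

A low client count alone also matches harmless niche sites, which is why the registry correlation is what moves a domain up the list.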

Pursue Active Spear-Phishing Campaigns Targeting the Organization
• Employ Big Data Analytics on email to identify patterns that reveal targets and redirects
• Build visualizations, such as heat maps, to view the top targets of a spear-phishing attack
• Load spear-phishing targets and redirect URLs into real-time security intelligence analysis to thwart the attack


Security Intelligence Amplified by Advanced Analytics
Tracking Multiple Unrelated Identities
Who am I? Who are you? Who do we communicate with? What devices do we own?

Name: John Smith
Corporate ID: John.Smith@us.ibm.com
Google analytics: jsmith22@gmail.com
Mobile: 613-334-6572, MAC, IP
Public Community: BigPipes11
Laptop: Several IPs, MAC Addresses, HostNames
Tablet: IP Address, MAC Address

Employ Big Data Analytics on structured attributes and unstructured communications to link identities

Other linking attributes: Fonts installed, language, user agent, installed software, web sites commonly visited, people who are communicated with, etc…

Attributes have a tendency to cross identities, similar problems with device profiles

Security Intelligence Amplified by Advanced Analytics
Today’s Knowledge Applied to Yesterday’s Problems
Today, breached organizations go weeks or months unaware of someone who has already infiltrated their network.
Why not use today’s knowledge to analyze yesterday’s data?
Capture all traffic for a period of time. As security detection techniques are updated (AV, IPS signatures, blacklists, MD5s, etc.), run them against yesterday’s data.

Big Data not only allows us to store everything, we can extract the attributes used for detection up front to speed up analysis of old data:
PCAP Data ->
• List of all IPs and Domains
• All File MD5s
• All Links in email and social communications
Host Inventory Data ->
• Registry Values
• Patches Applied
• File System Audit

Quickly check for new indicators in yesterday’s values
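
The retrospective check described above, as an added example that is not part of the original slides or of any IBM product: attributes extracted up front are kept in an inverted index, and each newly published indicator becomes a lookup that reports where and for how long it was already present. All records, host names, indicators and dates are constructed; the MD5 is computed from a constructed byte string.

```python
import hashlib
from collections import defaultdict
from datetime import date

# Constructed hash standing in for the MD5 of a file seen on the network.
SAMPLE_MD5 = hashlib.md5(b"constructed sample file").hexdigest()

# Constructed records standing in for attributes extracted up front from
# PCAP and host inventory data: (day, host, kind, value).
ATTRIBUTES = [
    (date(2012, 9, 3), "ws-014", "domain", "Update-Check.example."),
    (date(2012, 9, 3), "ws-014", "ip", "203.0.113.7"),
    (date(2012, 9, 20), "ws-022", "md5", SAMPLE_MD5),
    (date(2012, 10, 1), "ws-014", "domain", "update-check.example"),
    (date(2012, 10, 2), "ws-031", "ip", "198.51.100.20"),
    (date(2012, 10, 2), "ws-031", "url", "http://portal.example/login"),
]

# Constructed indicators that "arrive today", after the traffic was captured.
NEW_INDICATORS = [
    ("domain", "update-check.example"),
    ("md5", SAMPLE_MD5.upper()),   # feeds often differ in letter case
    ("ip", "192.0.2.99"),          # never seen: must not produce a hit
]
PUBLISHED = date(2012, 11, 5)


def normalize(kind, value):
    """Canonical form so stored values and feed values compare equal."""
    value = value.strip()
    if kind in ("domain", "md5"):
        return value.lower().rstrip(".")
    return value


def build_index(records):
    """Inverted index: (kind, value) -> list of (day, host) sightings."""
    index = defaultdict(list)
    for day, host, kind, value in records:
        index[(kind, normalize(kind, value))].append((day, host))
    return index


def retro_hunt(index, indicators, published):
    """Look up new indicators in old data; report first sighting and exposure."""
    hits = []
    for kind, value in indicators:
        sightings = index.get((kind, normalize(kind, value)))
        if not sightings:
            continue
        days = sorted(day for day, _ in sightings)
        hits.append({
            "indicator": (kind, normalize(kind, value)),
            "first_seen": days[0],
            "last_seen": days[-1],
            "hosts": sorted({host for _, host in sightings}),
            # Days the activity went unnoticed before the indicator existed.
            "exposure_days": (published - days[0]).days,
        })
    return sorted(hits, key=lambda h: h["first_seen"])


if __name__ == "__main__":
    for hit in retro_hunt(build_index(ATTRIBUTES), NEW_INDICATORS, PUBLISHED):
        print(hit)
```

Because the index is keyed on normalized values, each new indicator costs one dictionary lookup instead of a rescan of the stored traffic.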

Designing a Purpose-Built
Security Intelligence Solution with Big Data Analytics


IBM QRadar: More than a SIEM, it is a Security Intelligence Platform

QRadar:
• Filters out the noise, improves incident & offense identification
• Enables proactive detection of targeted & zero-day attacks
• Is scalable to add more data sources and extensible to incorporate logic to detect new attack patterns

[Diagram components: Log Management; SIEM; Configuration & Vulnerability Management; Network Activity & Anomaly Detection; Network and Application Visibility]

• Purpose-Built Security Intelligence Solution
  – Pre-built support for 100s of scenarios
  – Capability to ingest security data from 1000s of IT devices and numerous data feeds including X-Force
• Single Console with Unified Data Architecture
  – Powerful correlation engine to add security context to data
  – Rich Asset Database with profiles of assets, applications, vulnerabilities and other security related content

QRadar uses Big Data capabilities to identify critical security events

[Diagram labels: High Volume Security Events and Network Activity; High Priority Security Offenses]

IBM QRadar Big Data Capabilities
• New SIEM appliances with massive scale
• Payload indexing for rapid ad hoc query leveraging a purpose-built data store
• Google-like Instant Search of large data sets (both logs and flows)
• Intelligent data policy management
• Advanced Threat Visualization and Impact Analysis

Customer Results
• Search 7M+ events in <0.2 sec
• Instant, free-text searching for easier and faster forensics
• Granular management of log and flow data
• Quickly find critical insights among 1000s of devices and years of data
• Attack path visualization and device / interface mapping

Integrated analytics and exploration in a new architecture

Security Intelligence Platform

Real-time Processing
• Real-time network data correlation
• Anomaly detection
• Event and flow normalization
• Security context & enrichment
• Distributed architecture

Security Operations
• Pre-defined rules and reports
• Offense scoring & prioritization
• Activity and event graphing
• Compliance reporting
• Workflow management

Big Data Platform

Big Data Processing
• Long-term, multi-PB storage
• Unstructured and structured
• Distributed Hadoop infrastructure
• Real-time stream computing
• Preservation of raw data
• Enterprise Integration

Analytics and Forensics
• Advanced visuals and interaction
• Predictive & decision modeling
• Ad hoc queries
• Interactive visualizations
• Collaborative sharing tools
• Pluggable, intuitive UI

Design Pattern: Security Intelligence Employing Big Data
[Diagram components: Visualizations & Reporting; Operational Management; Security IQ; Data Exploration]

IBM’s Purpose-Built Security Intelligence with Big Data Solution

• Coupling Real-time Security Analysis With Asymmetric Big Data Analytics
• Broaden use cases supported while enabling ad hoc analysis
  – Establish a Baseline
  – Counter Cyber Attacks
  – Qualify Insider Threats
  – Protect against Advanced Persistent Threats
  – Mitigate Fraud
  – Predict Hacktivism

Cyber Intelligence
1. IBM QRadar Security Intelligence: unified architecture for collecting, storing, analyzing and querying log, threat, vulnerability and risk related data
2. IBM Big Data Platform (Streams, Big Insights, Netezza): addresses the speed and flexibility required for customized data exploration, discovery and unstructured analysis
3. IBM i2 Analyst Notebook: helps analysts investigate fraud by discovering patterns and trends across volumes of data
4. IBM SPSS: unified product family to help capture, predict, discover trends, and automatically deliver high-volume, optimized decisions

New architecture to leverage all data and analytics
[Architecture diagram; labels recovered from the slide]
• Data in Motion; Data at Rest; Data in Many Forms
• Streams
• Real-time Analytics: Video/Audio, Network/Sensor, Entity Analytics, Predictive
• Information Ingestion and Operational Information: Stream Processing, Data Integration, Master Data
• Landing Area, Analytics Zone and Archive: Raw Data, Structured Data, Text Analytics, Data Mining, Entity Analytics, Machine Learning
• Security Intelligence Platform: Data collection and enrichment, Event correlation, Real-time analytics, Offense prioritization
• Intelligence Analysis; Decision Management; BI and Predictive Analytics; Navigation and Discovery
• Information Governance, Security and Business Continuity

Customizing & Extending IBM’s Security Intelligence with Big Data Solution
Triggers for Specific Capabilities to Augment Core Security Intelligence with Big Data Solution:

Ingesting and Pre-processing Domain or Industry Specific Very High Velocity Data Streams for correlation with cyber security data
Example Data Sources:
• Telecom: Customer Data Records
• Energy & Utilities: Grid Sensor Data
• Surveillance: Video/Audio content

Performing Advanced Statistical, Predictive and/or Identity Analytics on all data captured to yield security insights
Example Analysis:
• Visualize linkages of users to privileged identities
• Which user group has the highest propensity for insider fraud?

Executing Frequently Repeated Queries and other Analytical workloads best suited for massive parallel processing on Warehoused Security-enriched data
Example Queries:
• Quarterly reporting on historical warehoused security data

Learn more about Security Intelligence with Big Data
• Watch a demonstration: http://ibm.co/1cn4O6Z
• Download the latest ESG report on Big Data Security Analytics: http://ibm.co/early_leader
• Read our White Paper: http://ibm.co/Big_Data
• Blog: www.securityintelligence.com
• Website: http://ibm.co/SIBD

Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response
to improper access from within and outside your enterprise. Improper access can result in information being altered, destroyed or misappropriated
or can result in damage to or misuse of your systems, including to attack others. No IT system or product should be considered completely secure
and no single product or security measure can be completely effective in preventing improper access. IBM systems and products are designed to
be part of a comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems,
products or services to be most effective. IBM DOES NOT WARRANT THAT SYSTEMS AND PRODUCTS ARE IMMUNE FROM THE
MALICIOUS OR ILLEGAL CONDUCT OF ANY PARTY.

ibm.com/security


© Copyright IBM Corporation 2012. All rights reserved. The information contained in these materials is provided for informational purposes
only, and is provided AS IS without warranty of any kind, express or implied. IBM shall not be responsible for any damages arising out of the use
of, or otherwise related to, these materials. Nothing contained in these materials is intended to, nor shall have the effect of, creating any
warranties or representations from IBM or its suppliers or licensors, or altering the terms and conditions of the applicable license agreement
governing the use of IBM software. References in these materials to IBM products, programs, or services do not imply that they will be available in
all countries in which IBM operates. Product release dates and/or capabilities referenced in these materials may change at any time at IBM’s sole
discretion based on market opportunities or other factors, and are not intended to be a commitment to future product or feature availability in any
way. IBM, the IBM logo, and other IBM products and services are trademarks of the International Business Machines Corporation, in the United
States, other countries or both. Other company, product, or service names may be trademarks or service marks of others.

 
Leverage Big Data for Security Intelligence
Leverage Big Data for Security Intelligence Leverage Big Data for Security Intelligence
Leverage Big Data for Security Intelligence
 
DSS ITSEC 2013 Conference 07.11.2013 - IBM Security Strategy
DSS ITSEC 2013 Conference 07.11.2013 - IBM Security StrategyDSS ITSEC 2013 Conference 07.11.2013 - IBM Security Strategy
DSS ITSEC 2013 Conference 07.11.2013 - IBM Security Strategy
 
Take your SOC Beyond SIEM
Take your SOC Beyond SIEMTake your SOC Beyond SIEM
Take your SOC Beyond SIEM
 
Automation: Embracing the Future of SecOps
Automation: Embracing the Future of SecOpsAutomation: Embracing the Future of SecOps
Automation: Embracing the Future of SecOps
 
Splunk for Security Breakout Session
Splunk for Security Breakout SessionSplunk for Security Breakout Session
Splunk for Security Breakout Session
 
5 Ways to Get Even More from Your IBM Security QRadar Investment in 2016
5 Ways to Get Even More from Your IBM Security QRadar Investment in 20165 Ways to Get Even More from Your IBM Security QRadar Investment in 2016
5 Ways to Get Even More from Your IBM Security QRadar Investment in 2016
 
Security Solution - IBM Business Connect Qatar Defend your company against cy...
Security Solution - IBM Business Connect Qatar Defend your company against cy...Security Solution - IBM Business Connect Qatar Defend your company against cy...
Security Solution - IBM Business Connect Qatar Defend your company against cy...
 
Presentation defend your company against cyber threats with security solutions
Presentation   defend your company against cyber threats with security solutionsPresentation   defend your company against cyber threats with security solutions
Presentation defend your company against cyber threats with security solutions
 
QRadar-XDR-Solution.pdf
QRadar-XDR-Solution.pdfQRadar-XDR-Solution.pdf
QRadar-XDR-Solution.pdf
 
A New Remedy for the Cyber Storm Approaching
A New Remedy for the Cyber Storm ApproachingA New Remedy for the Cyber Storm Approaching
A New Remedy for the Cyber Storm Approaching
 
IBM Qradar & resilient
IBM Qradar & resilientIBM Qradar & resilient
IBM Qradar & resilient
 

Mehr von IBM Security

Leaders & Laggards: The Latest Findings from the Ponemon Institute’s Study on...
Leaders & Laggards: The Latest Findings from the Ponemon Institute’s Study on...Leaders & Laggards: The Latest Findings from the Ponemon Institute’s Study on...
Leaders & Laggards: The Latest Findings from the Ponemon Institute’s Study on...IBM Security
 
Bridging the Gap between Privacy and Security: Using Technology to Manage Com...
Bridging the Gap between Privacy and Security: Using Technology to Manage Com...Bridging the Gap between Privacy and Security: Using Technology to Manage Com...
Bridging the Gap between Privacy and Security: Using Technology to Manage Com...IBM Security
 
Integrated Response with v32 of IBM Resilient
Integrated Response with v32 of IBM ResilientIntegrated Response with v32 of IBM Resilient
Integrated Response with v32 of IBM ResilientIBM Security
 
The Resilient End-of-Year Review: The Top Cyber Security Trends in 2018 and P...
The Resilient End-of-Year Review: The Top Cyber Security Trends in 2018 and P...The Resilient End-of-Year Review: The Top Cyber Security Trends in 2018 and P...
The Resilient End-of-Year Review: The Top Cyber Security Trends in 2018 and P...IBM Security
 
Leveraging Validated and Community Apps to Build a Versatile and Orchestrated...
Leveraging Validated and Community Apps to Build a Versatile and Orchestrated...Leveraging Validated and Community Apps to Build a Versatile and Orchestrated...
Leveraging Validated and Community Apps to Build a Versatile and Orchestrated...IBM Security
 
Accelerating SOC Transformation with IBM Resilient and Carbon Black
Accelerating SOC Transformation with IBM Resilient and Carbon BlackAccelerating SOC Transformation with IBM Resilient and Carbon Black
Accelerating SOC Transformation with IBM Resilient and Carbon BlackIBM Security
 
How to Build a Faster, Laser-Sharp SOC with Intelligent Orchestration
How to Build a Faster, Laser-Sharp SOC with Intelligent OrchestrationHow to Build a Faster, Laser-Sharp SOC with Intelligent Orchestration
How to Build a Faster, Laser-Sharp SOC with Intelligent OrchestrationIBM Security
 
WannaCry Ransomware Attack: What to Do Now
WannaCry Ransomware Attack: What to Do NowWannaCry Ransomware Attack: What to Do Now
WannaCry Ransomware Attack: What to Do NowIBM Security
 
Mobile Vision 2020
Mobile Vision 2020Mobile Vision 2020
Mobile Vision 2020IBM Security
 
Retail Mobility, Productivity and Security
Retail Mobility, Productivity and SecurityRetail Mobility, Productivity and Security
Retail Mobility, Productivity and SecurityIBM Security
 
Close the Loop on Incident Response
Close the Loop on Incident ResponseClose the Loop on Incident Response
Close the Loop on Incident ResponseIBM Security
 
Ponemon Institute Reviews Key Findings from “2017 State of Mobile & IoT Appli...
Ponemon Institute Reviews Key Findings from “2017 State of Mobile & IoT Appli...Ponemon Institute Reviews Key Findings from “2017 State of Mobile & IoT Appli...
Ponemon Institute Reviews Key Findings from “2017 State of Mobile & IoT Appli...IBM Security
 
See How You Measure Up With MaaS360 Mobile Metrics
See How You Measure Up With MaaS360 Mobile MetricsSee How You Measure Up With MaaS360 Mobile Metrics
See How You Measure Up With MaaS360 Mobile MetricsIBM Security
 
Valuing Data in the Age of Ransomware
Valuing Data in the Age of Ransomware Valuing Data in the Age of Ransomware
Valuing Data in the Age of Ransomware IBM Security
 
Top 12 Cybersecurity Predictions for 2017
Top 12 Cybersecurity Predictions for 2017Top 12 Cybersecurity Predictions for 2017
Top 12 Cybersecurity Predictions for 2017IBM Security
 
Cybersecurity In The Cognitive Era: Priming Your Digital Immune System
Cybersecurity In The Cognitive Era: Priming Your Digital Immune SystemCybersecurity In The Cognitive Era: Priming Your Digital Immune System
Cybersecurity In The Cognitive Era: Priming Your Digital Immune SystemIBM Security
 
Detect and Respond to Threats Better with IBM Security App Exchange Partners
Detect and Respond to Threats Better with IBM Security App Exchange PartnersDetect and Respond to Threats Better with IBM Security App Exchange Partners
Detect and Respond to Threats Better with IBM Security App Exchange PartnersIBM Security
 

Mehr von IBM Security (17)

Leaders & Laggards: The Latest Findings from the Ponemon Institute’s Study on...
Leaders & Laggards: The Latest Findings from the Ponemon Institute’s Study on...Leaders & Laggards: The Latest Findings from the Ponemon Institute’s Study on...
Leaders & Laggards: The Latest Findings from the Ponemon Institute’s Study on...
 
Bridging the Gap between Privacy and Security: Using Technology to Manage Com...
Bridging the Gap between Privacy and Security: Using Technology to Manage Com...Bridging the Gap between Privacy and Security: Using Technology to Manage Com...
Bridging the Gap between Privacy and Security: Using Technology to Manage Com...
 
Integrated Response with v32 of IBM Resilient
Integrated Response with v32 of IBM ResilientIntegrated Response with v32 of IBM Resilient
Integrated Response with v32 of IBM Resilient
 
The Resilient End-of-Year Review: The Top Cyber Security Trends in 2018 and P...
The Resilient End-of-Year Review: The Top Cyber Security Trends in 2018 and P...The Resilient End-of-Year Review: The Top Cyber Security Trends in 2018 and P...
The Resilient End-of-Year Review: The Top Cyber Security Trends in 2018 and P...
 
Leveraging Validated and Community Apps to Build a Versatile and Orchestrated...
Leveraging Validated and Community Apps to Build a Versatile and Orchestrated...Leveraging Validated and Community Apps to Build a Versatile and Orchestrated...
Leveraging Validated and Community Apps to Build a Versatile and Orchestrated...
 
Accelerating SOC Transformation with IBM Resilient and Carbon Black
Accelerating SOC Transformation with IBM Resilient and Carbon BlackAccelerating SOC Transformation with IBM Resilient and Carbon Black
Accelerating SOC Transformation with IBM Resilient and Carbon Black
 
How to Build a Faster, Laser-Sharp SOC with Intelligent Orchestration
How to Build a Faster, Laser-Sharp SOC with Intelligent OrchestrationHow to Build a Faster, Laser-Sharp SOC with Intelligent Orchestration
How to Build a Faster, Laser-Sharp SOC with Intelligent Orchestration
 
WannaCry Ransomware Attack: What to Do Now
WannaCry Ransomware Attack: What to Do NowWannaCry Ransomware Attack: What to Do Now
WannaCry Ransomware Attack: What to Do Now
 
Mobile Vision 2020
Mobile Vision 2020Mobile Vision 2020
Mobile Vision 2020
 
Retail Mobility, Productivity and Security
Retail Mobility, Productivity and SecurityRetail Mobility, Productivity and Security
Retail Mobility, Productivity and Security
 
Close the Loop on Incident Response
Close the Loop on Incident ResponseClose the Loop on Incident Response
Close the Loop on Incident Response
 
Ponemon Institute Reviews Key Findings from “2017 State of Mobile & IoT Appli...
Ponemon Institute Reviews Key Findings from “2017 State of Mobile & IoT Appli...Ponemon Institute Reviews Key Findings from “2017 State of Mobile & IoT Appli...
Ponemon Institute Reviews Key Findings from “2017 State of Mobile & IoT Appli...
 
See How You Measure Up With MaaS360 Mobile Metrics
See How You Measure Up With MaaS360 Mobile MetricsSee How You Measure Up With MaaS360 Mobile Metrics
See How You Measure Up With MaaS360 Mobile Metrics
 
Valuing Data in the Age of Ransomware
Valuing Data in the Age of Ransomware Valuing Data in the Age of Ransomware
Valuing Data in the Age of Ransomware
 
Top 12 Cybersecurity Predictions for 2017
Top 12 Cybersecurity Predictions for 2017Top 12 Cybersecurity Predictions for 2017
Top 12 Cybersecurity Predictions for 2017
 
Cybersecurity In The Cognitive Era: Priming Your Digital Immune System
Cybersecurity In The Cognitive Era: Priming Your Digital Immune SystemCybersecurity In The Cognitive Era: Priming Your Digital Immune System
Cybersecurity In The Cognitive Era: Priming Your Digital Immune System
 
Detect and Respond to Threats Better with IBM Security App Exchange Partners
Detect and Respond to Threats Better with IBM Security App Exchange PartnersDetect and Respond to Threats Better with IBM Security App Exchange Partners
Detect and Respond to Threats Better with IBM Security App Exchange Partners
 

Kürzlich hochgeladen

Flow Your Strategy at Flight Levels Day 2024
Flow Your Strategy at Flight Levels Day 2024Flow Your Strategy at Flight Levels Day 2024
Flow Your Strategy at Flight Levels Day 2024Kirill Klimov
 
NewBase 19 April 2024 Energy News issue - 1717 by Khaled Al Awadi.pdf
NewBase  19 April  2024  Energy News issue - 1717 by Khaled Al Awadi.pdfNewBase  19 April  2024  Energy News issue - 1717 by Khaled Al Awadi.pdf
NewBase 19 April 2024 Energy News issue - 1717 by Khaled Al Awadi.pdfKhaled Al Awadi
 
Ms Motilal Padampat Sugar Mills vs. State of Uttar Pradesh & Ors. - A Milesto...
Ms Motilal Padampat Sugar Mills vs. State of Uttar Pradesh & Ors. - A Milesto...Ms Motilal Padampat Sugar Mills vs. State of Uttar Pradesh & Ors. - A Milesto...
Ms Motilal Padampat Sugar Mills vs. State of Uttar Pradesh & Ors. - A Milesto...ShrutiBose4
 
8447779800, Low rate Call girls in Tughlakabad Delhi NCR
8447779800, Low rate Call girls in Tughlakabad Delhi NCR8447779800, Low rate Call girls in Tughlakabad Delhi NCR
8447779800, Low rate Call girls in Tughlakabad Delhi NCRashishs7044
 
Youth Involvement in an Innovative Coconut Value Chain by Mwalimu Menza
Youth Involvement in an Innovative Coconut Value Chain by Mwalimu MenzaYouth Involvement in an Innovative Coconut Value Chain by Mwalimu Menza
Youth Involvement in an Innovative Coconut Value Chain by Mwalimu Menzaictsugar
 
(Best) ENJOY Call Girls in Faridabad Ex | 8377087607
(Best) ENJOY Call Girls in Faridabad Ex | 8377087607(Best) ENJOY Call Girls in Faridabad Ex | 8377087607
(Best) ENJOY Call Girls in Faridabad Ex | 8377087607dollysharma2066
 
Independent Call Girls Andheri Nightlaila 9967584737
Independent Call Girls Andheri Nightlaila 9967584737Independent Call Girls Andheri Nightlaila 9967584737
Independent Call Girls Andheri Nightlaila 9967584737Riya Pathan
 
APRIL2024_UKRAINE_xml_0000000000000 .pdf
APRIL2024_UKRAINE_xml_0000000000000 .pdfAPRIL2024_UKRAINE_xml_0000000000000 .pdf
APRIL2024_UKRAINE_xml_0000000000000 .pdfRbc Rbcua
 
Contemporary Economic Issues Facing the Filipino Entrepreneur (1).pptx
Contemporary Economic Issues Facing the Filipino Entrepreneur (1).pptxContemporary Economic Issues Facing the Filipino Entrepreneur (1).pptx
Contemporary Economic Issues Facing the Filipino Entrepreneur (1).pptxMarkAnthonyAurellano
 
Islamabad Escorts | Call 03070433345 | Escort Service in Islamabad
Islamabad Escorts | Call 03070433345 | Escort Service in IslamabadIslamabad Escorts | Call 03070433345 | Escort Service in Islamabad
Islamabad Escorts | Call 03070433345 | Escort Service in IslamabadAyesha Khan
 
Case study on tata clothing brand zudio in detail
Case study on tata clothing brand zudio in detailCase study on tata clothing brand zudio in detail
Case study on tata clothing brand zudio in detailAriel592675
 
2024 Numerator Consumer Study of Cannabis Usage
2024 Numerator Consumer Study of Cannabis Usage2024 Numerator Consumer Study of Cannabis Usage
2024 Numerator Consumer Study of Cannabis UsageNeil Kimberley
 
Kenya Coconut Production Presentation by Dr. Lalith Perera
Kenya Coconut Production Presentation by Dr. Lalith PereraKenya Coconut Production Presentation by Dr. Lalith Perera
Kenya Coconut Production Presentation by Dr. Lalith Pereraictsugar
 
Future Of Sample Report 2024 | Redacted Version
Future Of Sample Report 2024 | Redacted VersionFuture Of Sample Report 2024 | Redacted Version
Future Of Sample Report 2024 | Redacted VersionMintel Group
 
IoT Insurance Observatory: summary 2024
IoT Insurance Observatory:  summary 2024IoT Insurance Observatory:  summary 2024
IoT Insurance Observatory: summary 2024Matteo Carbone
 
8447779800, Low rate Call girls in Uttam Nagar Delhi NCR
8447779800, Low rate Call girls in Uttam Nagar Delhi NCR8447779800, Low rate Call girls in Uttam Nagar Delhi NCR
8447779800, Low rate Call girls in Uttam Nagar Delhi NCRashishs7044
 
MAHA Global and IPR: Do Actions Speak Louder Than Words?
MAHA Global and IPR: Do Actions Speak Louder Than Words?MAHA Global and IPR: Do Actions Speak Louder Than Words?
MAHA Global and IPR: Do Actions Speak Louder Than Words?Olivia Kresic
 

Kürzlich hochgeladen (20)

Flow Your Strategy at Flight Levels Day 2024
Flow Your Strategy at Flight Levels Day 2024Flow Your Strategy at Flight Levels Day 2024
Flow Your Strategy at Flight Levels Day 2024
 
NewBase 19 April 2024 Energy News issue - 1717 by Khaled Al Awadi.pdf
NewBase  19 April  2024  Energy News issue - 1717 by Khaled Al Awadi.pdfNewBase  19 April  2024  Energy News issue - 1717 by Khaled Al Awadi.pdf
NewBase 19 April 2024 Energy News issue - 1717 by Khaled Al Awadi.pdf
 
Ms Motilal Padampat Sugar Mills vs. State of Uttar Pradesh & Ors. - A Milesto...
Ms Motilal Padampat Sugar Mills vs. State of Uttar Pradesh & Ors. - A Milesto...Ms Motilal Padampat Sugar Mills vs. State of Uttar Pradesh & Ors. - A Milesto...
Ms Motilal Padampat Sugar Mills vs. State of Uttar Pradesh & Ors. - A Milesto...
 
8447779800, Low rate Call girls in Tughlakabad Delhi NCR
8447779800, Low rate Call girls in Tughlakabad Delhi NCR8447779800, Low rate Call girls in Tughlakabad Delhi NCR
8447779800, Low rate Call girls in Tughlakabad Delhi NCR
 
Youth Involvement in an Innovative Coconut Value Chain by Mwalimu Menza
Youth Involvement in an Innovative Coconut Value Chain by Mwalimu MenzaYouth Involvement in an Innovative Coconut Value Chain by Mwalimu Menza
Youth Involvement in an Innovative Coconut Value Chain by Mwalimu Menza
 
(Best) ENJOY Call Girls in Faridabad Ex | 8377087607
(Best) ENJOY Call Girls in Faridabad Ex | 8377087607(Best) ENJOY Call Girls in Faridabad Ex | 8377087607
(Best) ENJOY Call Girls in Faridabad Ex | 8377087607
 
Enjoy ➥8448380779▻ Call Girls In Sector 18 Noida Escorts Delhi NCR
Enjoy ➥8448380779▻ Call Girls In Sector 18 Noida Escorts Delhi NCREnjoy ➥8448380779▻ Call Girls In Sector 18 Noida Escorts Delhi NCR
Enjoy ➥8448380779▻ Call Girls In Sector 18 Noida Escorts Delhi NCR
 
Independent Call Girls Andheri Nightlaila 9967584737
Independent Call Girls Andheri Nightlaila 9967584737Independent Call Girls Andheri Nightlaila 9967584737
Independent Call Girls Andheri Nightlaila 9967584737
 
APRIL2024_UKRAINE_xml_0000000000000 .pdf
APRIL2024_UKRAINE_xml_0000000000000 .pdfAPRIL2024_UKRAINE_xml_0000000000000 .pdf
APRIL2024_UKRAINE_xml_0000000000000 .pdf
 
Contemporary Economic Issues Facing the Filipino Entrepreneur (1).pptx
Contemporary Economic Issues Facing the Filipino Entrepreneur (1).pptxContemporary Economic Issues Facing the Filipino Entrepreneur (1).pptx
Contemporary Economic Issues Facing the Filipino Entrepreneur (1).pptx
 
Islamabad Escorts | Call 03070433345 | Escort Service in Islamabad
Islamabad Escorts | Call 03070433345 | Escort Service in IslamabadIslamabad Escorts | Call 03070433345 | Escort Service in Islamabad
Islamabad Escorts | Call 03070433345 | Escort Service in Islamabad
 
Case study on tata clothing brand zudio in detail
Case study on tata clothing brand zudio in detailCase study on tata clothing brand zudio in detail
Case study on tata clothing brand zudio in detail
 
2024 Numerator Consumer Study of Cannabis Usage
2024 Numerator Consumer Study of Cannabis Usage2024 Numerator Consumer Study of Cannabis Usage
2024 Numerator Consumer Study of Cannabis Usage
 
Kenya Coconut Production Presentation by Dr. Lalith Perera
Kenya Coconut Production Presentation by Dr. Lalith PereraKenya Coconut Production Presentation by Dr. Lalith Perera
Kenya Coconut Production Presentation by Dr. Lalith Perera
 
Corporate Profile 47Billion Information Technology
Corporate Profile 47Billion Information TechnologyCorporate Profile 47Billion Information Technology
Corporate Profile 47Billion Information Technology
 
Future Of Sample Report 2024 | Redacted Version
Future Of Sample Report 2024 | Redacted VersionFuture Of Sample Report 2024 | Redacted Version
Future Of Sample Report 2024 | Redacted Version
 
IoT Insurance Observatory: summary 2024
IoT Insurance Observatory:  summary 2024IoT Insurance Observatory:  summary 2024
IoT Insurance Observatory: summary 2024
 
Japan IT Week 2024 Brochure by 47Billion (English)
Japan IT Week 2024 Brochure by 47Billion (English)Japan IT Week 2024 Brochure by 47Billion (English)
Japan IT Week 2024 Brochure by 47Billion (English)
 
8447779800, Low rate Call girls in Uttam Nagar Delhi NCR
8447779800, Low rate Call girls in Uttam Nagar Delhi NCR8447779800, Low rate Call girls in Uttam Nagar Delhi NCR
8447779800, Low rate Call girls in Uttam Nagar Delhi NCR
 
MAHA Global and IPR: Do Actions Speak Louder Than Words?
MAHA Global and IPR: Do Actions Speak Louder Than Words?MAHA Global and IPR: Do Actions Speak Louder Than Words?
MAHA Global and IPR: Do Actions Speak Louder Than Words?
 

Avoiding data breach using security intelligence and big data to stay out of the headlines

  • 1. IBM Security Systems AMPLIFYING SECURITY INTELLIGENCE WITH BIG DATA AND ADVANCED ANALYTICS Vijay Dheap Global Product Manager, Master Inventor Big Data Security Intelligence & Mobile Security vdheap@us.ibm.com 1 IBM Security Systems © 2012 IBM Corporation © 2012 IBM Corporation
  • 2. Welcome to a Not So Friendly Cyber World…
      - Biggest Bank Heist in History Nets $45 Million. All without setting foot in a Bank…
      - CYBER ESPIONAGE VIA SOCIAL NETWORKING SITES. TARGET: US DOD OFFICIALS
      - Hidden Malware Steals 3000 Confidential Documents – Japanese Ministry
  • 3. Playing Defense… Traditional Approach to Security Predicated on a Defensive Mindset
      - Assumes explicit organizational perimeter
      - Optimized for combating external threats
      - Presumes standardization mitigates risk
      - Dependent on general awareness of attack methodologies
      - Requires monitoring and control of traffic flows
    Origins of Security Intelligence. Layered Defenses Essential for Good Security Hygiene and Addressing Traditional Security Threats…but attackers adapting too
  • 4. Business Change is Coming…If Not Already Here. Enterprises are Undergoing Dynamic Transformations. The Organization’s Cyber Perimeter is Being Blurred…It can no longer be assumed
  • 5. Evolving Attack Tactics…Focus on Breaching Defenses
  • 6. A Look at the Emerging Threat Landscape
      - Targeted, Persistent, Clandestine
      - Concealed, Motivated, Opportunistic
      - Situational, Subversive, Unsanctioned
      - Topical, Disruptive, Public
      - Focused, Well-Funded, Scalable
  • 7. Questions CISOs Want to be Able to Answer…
  • 8. Incorporating a More Proactive Mindset to Enterprise Security
    Audit, Patch & Block (Broad): Think like a defender, defense-in-depth mindset
      - Protect all assets
      - Emphasize the perimeter
      - Patch systems
      - Use signature-based detection
      - Scan endpoints for malware
      - Read the latest news
      - Collect logs
      - Conduct manual interviews
      - Shut down systems
    Detect, Analyze & Remediate (Targeted): Think like an attacker, counter intelligence mindset
      - Protect high value assets
      - Emphasize the data
      - Harden targets and weakest links
      - Use anomaly-based detection
      - Baseline system behavior
      - Consume threat feeds
      - Collect everything
      - Automate correlation and analytics
      - Gather and preserve evidence
  • 9. Greater Need for Security Intelligence…
      - Visibility across organizational security systems
      - Improved response times
      - Adaptability/flexibility required for early detection of threats and risky behaviors
    Diagram labels: Log Manager; SIEM; Network Activity Monitor; Risk Manager; Vulnerability Manager
  • 10. Evolution of Security Intelligence
    Log Management:
      - Initial Visibility
      - Facilitates Compliance
      - Attackers adapt not to leave a trace
    SIEM:
      - Network Does Not Lie
      - Greater Coverage across organization
      - Attackers adapt to hide in the noise
    Security Intelligence:
      - Filters out the noise, improves incident and offense identification
      - Proactive to detect targeted and zero-day attacks
      - Needs scalability to add more data sources and extensibility to support additional security analytics
    Diagram labels (data sources): Log Management; Users/Identities; Asset Discovery; Network Flow; Shared Intel; Full Packet Capture; …other relevant data
  • 11. Amplifying Security Intelligence with Big Data Analytics. The Triggers That Motivate Big Data Analytics for Security Intelligence:
  • 12. Extending the IQ of a Security Intelligence Solution to Big Data
      - Need to derive security relevant semantics from syntactic elements contained in raw data.
      - Distilling Analytical functions, tools and workflows that can be employed to deliver insights
      - Availability of codified human know-how and understanding to enable machine processing and progressively automate manual processes
  • 13. Confidential – for division executives only. IBM Security Strategy. Use Cases. IBM Confidential © 2011 IBM Corporation
  • 14. Security Intelligence From Real-time Processing of Big Data
      - Behavior monitoring and flow analytics
      - Activity and data access monitoring
      - Stealthy malware detection
    Network Traffic Doesn't Lie: Attackers can stop logging and erase their tracks, but can’t cut off the network (flow data)
    Improved Breach Detection: 360-degree visibility helps distinguish true breaches from benign activity, in real-time
    Irrefutable Botnet Communication: Layer 7 flow data shows botnet command and control instructions
  • 15. Security Intelligence Amplified by Advanced Analytics
    Hunting for External Command & Control (C&C) Domains of an Attacker:
      - Historical analysis of DNS activity within organization
      - Automate correlation against external DNS registries
      - Advanced analytics identify suspicious domains
      - Why only a few hits across the entire organization to these domains?
      - Correlating to public DNS registry information increases suspicions
    Pursue Active Spear-Phishing Campaigns Targeting the Organization:
      - Employ Big Data Analytics on email to identify patterns that reveal targets and redirects
      - Build visualizations, such as heat maps, to view top targets of a spear-phishing attack
      - Load spear-phishing targets and redirect URLs into real-time security intelligence analysis to thwart the attack
  • 16. Security Intelligence Amplified by Advanced Analytics: Tracking Multiple Unrelated Identities
    Who am I? Who are you? Who do we communicate with? What devices do we own?
      - Name: John Smith
      - Corporate ID: John.Smith@us.ibm.com
      - Google analytics: jsmith22@gmail.com
      - Mobile: 613-334-6572, MAC, IP
      - Public Community: BigPipes11
      - Laptop: Several IPs, MAC Addresses, HostNames
      - Tablet: IP Address, MAC Address
    Employ Big Data Analytics on structured attributes and unstructured communications to link identities
    Other linking attributes: Fonts installed, language, user agent, installed software, web sites commonly visited, people who are communicated with, etc…
    Attributes have a tendency to cross identities, similar problems with device profiles
  • 17. Security Intelligence Amplified by Advanced Analytics: Today’s Knowledge Applied to Yesterday’s Problems
    Today, breached organizations go weeks or months unaware of someone who has already infiltrated their network
    Why not use today’s knowledge to analyze yesterday’s data?
      - Capture all traffic for a period of time
      - As security detection techniques are updated (AV, IPS signatures, blacklists, MD5s, etc…), run them against yesterday’s data
    Big Data not only allows us to store everything, we can extract the attributes used for detection up front to speed up analysis of old data:
      - PCAP Data -> List of all IPs and Domains; All File MD5s; All Links in email and social communications
      - Host Inventory Data -> Registry Values; Patches Applied; File System Audit
    Quickly check for new indicators in yesterday’s values
  • 18. Designing a Purpose-Built Security Intelligence Solution with Big Data Analytics
  • 19. IBM QRadar: More than a SIEM, it is a Security Intelligence Platform
    QRadar:
      - Filters out the noise, improves incident & offense identification
      - Enables proactive detection of targeted & zero-day attacks
      - Is scalable to add more data sources and extensible to incorporate logic to detect new attack patterns
    Diagram labels: Log Management; SIEM; Configuration & Vulnerability Management; Network Activity & Anomaly Detection; Network and Application Visibility
      - Purpose-Built Security Intelligence Solution
      - Pre-built support for 100s of scenarios
      - Capability to ingest security data from 1000s of IT devices and numerous data feeds including X-Force
      - Single Console with Unified Data Architecture
      - Powerful correlation engine to add security context to data
      - Rich Asset Database with profiles of assets, applications, vulnerabilities and other security related content
  • 20. QRadar uses Big Data capabilities to identify critical security events
    High Volume Security Events and Network Activity -> High Priority Security Offenses
    IBM QRadar Big Data Capabilities and Customer Results:
      - New SIEM appliances with massive scale
      - Payload indexing for rapid ad hoc query leveraging a purpose-built data store
      - Search 7M+ events in <0.2 sec
      - Google-like Instant Search of large data sets (both logs and flows)
      - Instant, free-text searching for easier and faster forensics
      - Intelligent data policy management
      - Granular management of log and flow data
      - Advanced Threat Visualization and Impact Analysis
      - Quickly find critical insights among 1000s of devices and years of data
      - Attack path visualization and device / interface mapping
  • 21. Integrated analytics and exploration in a new architecture
    Security Intelligence Platform, Real-time Processing:
      - Real-time network data correlation
      - Anomaly detection
      - Event and flow normalization
      - Security context & enrichment
      - Distributed architecture
    Big Data Platform, Big Data Processing:
      - Long-term, multi-PB storage
      - Unstructured and structured
      - Distributed Hadoop infrastructure
      - Real-time stream computing
      - Preservation of raw data
      - Enterprise Integration
    Security Operations:
      - Pre-defined rules and reports
      - Offense scoring & prioritization
      - Activity and event graphing
      - Compliance reporting
      - Workflow management
    Analytics and Forensics:
      - Advanced visuals and interaction
      - Predictive & decision modeling
      - Ad hoc queries
      - Interactive visualizations
      - Collaborative sharing tools
      - Pluggable, intuitive UI
  • 22. Design Pattern: Security Intelligence Employing Big Data
    [Diagram labels: Visualizations & Reporting; Operational Management; Security IQ; Data Exploration]
  • 23. IBM’s Purpose-Built Security Intelligence with Big Data Solution
      - Coupling Real-time Security Analysis With Asymmetric Big Data Analytics
      - Broaden use cases supported while enabling ad hoc analysis
          - Establish a Baseline
          - Counter Cyber Attacks
          - Qualify Insider Threats
          - Protect against Advanced Persistent Threats
          - Mitigate Fraud
          - Predict Hacktivism
  • 24. Cyber Intelligence
      - IBM QRadar Security Intelligence: unified architecture for collecting, storing, analyzing and querying log, threat, vulnerability and risk related data
      - IBM Big Data Platform (Streams, Big Insights, Netezza): addresses the speed and flexibility required for customized data exploration, discovery and unstructured analysis
      - IBM i2 Analyst Notebook: helps analysts investigate fraud by discovering patterns and trends across volumes of data
      - IBM SPSS: unified product family to help capture, predict, discover trends, and automatically deliver high-volume, optimized decisions
  • 25. New architecture to leverage all data and analytics
    [Architecture diagram labels: Streams; Data in Motion; Video/Audio; Network/Sensor; Entity Analytics; Predictive; Information Ingestion and Operational Information; Data at Rest; Data in Many Forms; Intelligence Analysis; Real-time Analytics; Stream Processing; Data Integration; Master Data; Landing Area, Analytics Zone and Archive; Raw Data; Structured Data; Text Analytics; Data Mining; Entity Analytics; Machine Learning; Decision Management; BI and Predictive Analytics; Navigation and Discovery; Information Governance, Security and Business Continuity]
    Security Intelligence Platform
      - Data collection and enrichment
      - Event correlation
      - Real-time analytics
      - Offense prioritization
  • 26. Customizing & Extending IBM’s Security Intelligence with Big Data Solution
    Triggers for Specific Capabilities to Augment Core Security Intelligence with Big Data Solution:
      - Ingesting and Pre-processing Domain or Industry Specific Very High Velocity Data Streams for correlation with cyber security data
        Example Data Sources:
          - Telecom: Customer Data Records
          - Energy & Utilities: Grid Sensor Data
          - Surveillance: Video/Audio content
      - Performing Advanced Statistical, Predictive and/or Identity Analytics on all data captured to yield security insights
        Example Analysis:
          - Visualize linkages of users to privileged identities
          - Which user group has the highest propensity for insider fraud?
      - Executing Frequently Repeated Queries and other Analytical workloads best suited for massive parallel processing on Warehoused Security-enriched data
        Example Queries:
          - Quarterly reporting on historical warehoused security data
  • 27. Learn more about Security Intelligence with Big Data
      - Website: http://ibm.co/SIBD
      - Watch a demonstration: http://ibm.co/1cn4O6Z
      - Download the latest ESG report on Big Data Security Analytics: http://ibm.co/early_leader
      - Read our White Paper: http://ibm.co/Big_Data
      - Blog: www.securityintelligence.com
  • 28. Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside your enterprise. Improper access can result in information being altered, destroyed or misappropriated or can result in damage to or misuse of your systems, including to attack others. No IT system or product should be considered completely secure and no single product or security measure can be completely effective in preventing improper access. IBM systems and products are designed to be part of a comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems, products or services to be most effective. IBM DOES NOT WARRANT THAT SYSTEMS AND PRODUCTS ARE IMMUNE FROM THE MALICIOUS OR ILLEGAL CONDUCT OF ANY PARTY.
    ibm.com/security
    © Copyright IBM Corporation 2012. All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any kind, express or implied. IBM shall not be responsible for any damages arising out of the use of, or otherwise related to, these materials. Nothing contained in these materials is intended to, nor shall have the effect of, creating any warranties or representations from IBM or its suppliers or licensors, or altering the terms and conditions of the applicable license agreement governing the use of IBM software. References in these materials to IBM products, programs, or services do not imply that they will be available in all countries in which IBM operates. Product release dates and/or capabilities referenced in these materials may change at any time at IBM’s sole discretion based on market opportunities or other factors, and are not intended to be a commitment to future product or feature availability in any way.
    IBM, the IBM logo, and other IBM products and services are trademarks of the International Business Machines Corporation, in the United States, other countries or both. Other company, product, or service names may be trademarks or service marks of others.